diff --git a/roles/apache/templates/site.conf.j2 b/roles/apache/templates/site.conf.j2
index 7771162..9a65b98 100644
--- a/roles/apache/templates/site.conf.j2
+++ b/roles/apache/templates/site.conf.j2
@@ -10,6 +10,11 @@
   SSLHonorCipherOrder off
   SSLSessionTickets off
 
+  # Server certificates
   SSLCertificateKeyFile {{ tls_private }}/{{ inventory_hostname }}.key
   SSLCertificateFile {{ tls_certs }}/{{ inventory_hostname }}.crt
+
+  # Client certificate auth
+  SSLCACertificateFile {{ tls_certs }}/ca.crt
+  SSLVerifyClient require
 </VirtualHost>